First Android Malware Utilizing a Root Exploit on Android 2.3

The pace of the malware development is running at a light-speed. Do you remember the DroidKungFu trojan? A new improved variant of it, is now surfacing and its a lot more evolved includng a root exploit which allows the attacker to gain root access on the infected device.

The new piece of malware code, discovered by researchers at North Carolina State University, uses a jailbreak exploit for Android 2.3 Gingerbread.

GingerMaster is packaged in an infected app as a seemingly legitimate application file. Once that exploit runs, it gives the malware root privileges on the “zombie phone” beggining to collect data about the device for transmission to a remote server.

“The GingerMaster malware exists in infected apps by registering a receiver so that it will be notified when the system finishes booting. Insider the receiver, it will silently launch a service in the background. The background service will accordingly collect various information including the device id, phone number and others (e.g., by reading /proc/cpuinfo) and then upload them to a remote server,” Xuxian Jiang, an assistant professor at NC State, whose team found the GingerMaster malware, wrote in a blog article.

This is the first serious threat because it is able to gain root access on its own if the device is not rooted yet.

Mitigation:

Due to the fact that GingerMaster contains the most recent root exploit, we consider it poses one of the most serious threats to mobile users. For mitigation, please follow common-sense guidelines for smartphone security. For example,

download apps from reputable app stores that you trust; and always check reviews, ratings as well as developer information before downloading;

check the permissions on apps before you actually install them and make sure you are comfortable with the data they will be accessing;

be alert for unusual behavior on the part of mobile phones and make sure you have up-to-date security software installed on your phone.

Founded in 2010, PocketDroid formed as a group in early 2011 out of passion for the Android operating system. We are a group of enthusiasts, dedicated to bring you all the latest information, plus developments from the Android world: breaking news, phone & tablet reviews, tutorials, and the best apps & games findings and releases.
We welcome all feedback, suggestions, queries.